The official command-line client for spyse.com.
NOTE: This tool is currently in the early stage beta and shouldn't be used in production.
Your feedback and suggestions are highly appreciated.
Targeted recon:
Gather associated targets:
- Subdomains lookup
- Reverse IP lookup
- Reverse NS lookup
- Reverse MX lookup
- Reverse PTR lookup
- Reverse AdSense ID lookup
- Reverse iTunes ID lookup
- Reverse Google Play ID lookup
- Reverse Google Analytics ID lookup
- Reverse Google Site Verification ID lookup
- Reverse Email lookup
Gather historical records
- Get historical DNS A records
- Get historical DNS AAAA records
- Get historical DNS CNAME records
- Get historical DNS TXT records
- Get historical DNS MX records
- Get historical DNS NS records
- Get historical WHOIS records
Custom Internet-wide assets search:
NOTE: Spyse API token is required to use this tool.
API tokens are available only for registered users on their account page.
For more information about the API, please check the API Reference.
docker build -t spysecli .
echo "tesla.com" | docker run --interactive spysecli --api_token=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx subdomainspip3 install spysecli
spysecli --api_token=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx -h
# API token also can be read from environment
export SPYSE_API_KEY=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
spysecli -hThis repository is about CLI only. If you want to integrate spyse.com into your application, you should check out our SDKs.
Official:
Community:
Targeted recon:
Get DNS records, SSL/TLS certificate, structured HTTP response, technologies, potential vulnerabilities, and other details about domain by its name.
# Command example:
echo "tesla.com" | spysecli domain
# Examples of valid input lines:
domain.com
https://example.com
https://example.com/pathGet Open ports, autonomous system number/organization, ISP, technologies, ip reputation and abuse reports, structured HTTP response, potential vulnerabilities, and other details about IP address.
# Command example:
echo "8.8.8.8" | spysecli ip
# Examples of valid input lines:
8.8.8.8
8.8.8.0/24Get associated organization, IPv4 prefixes, IPv6 prefixes, and other details about autonomous system.
# Command example:
echo "AS15169" | spysecli as
# Examples of valid input lines:
AS15169
as15169
15169Get a list of sources in which an email was seen.
# Command example:
echo "test@domain.com" | spysecli email
# Examples of valid input lines:
test@domain.comGather associated targets:
Find subdomains of a target domain
# Command example:
echo "tesla.com" | spysecli subdomains
# Examples of valid input lines:
domain.com
https://example.com
https://example.com/pathFind domains hosted on IPv4 host
# Command example:
echo "8.8.8.8" | spysecli reverse-ip
# Examples of valid input lines:
8.8.8.8
8.8.8.0/24Shows which domains are using given name server
# Command example:
echo "ns1.google.com" | spysecli reverse-ns
# Examples of valid input lines:
ns1.domain.comShows which domains are using given mail server
# Command example:
echo "mx.google.com" | spysecli reverse-mx
# Examples of valid input lines:
mx.google.comShows which IPv4 hosts are using given PTR record
# Command example:
echo "google.com" | spysecli reverse-ptr
# Examples of valid input lines:
domain.comFind all domains sharing the same AdSense ID
# Command example:
echo "1234567891234567" | spysecli reverse-adsense
# Examples of valid input lines:
pub-1234567891234567
1234567891234567Find all domains sharing the same iTunes app ID
# Command example:
echo "1188352635" | spysecli reverse-itunes
# Examples of valid input lines:
1188352635Find all domains sharing the same Google Play app ID
# Command example:
echo "google.com" | spysecli reverse-google-play
# Examples of valid input lines:
domain.comFind all domains sharing the same Google Analytics ID
# Command example:
echo "UA-12345-12" | spysecli reverse-google-analytics
# Examples of valid input lines:
UA-12345-12Find all domains sharing the same Google site verification code
# Command example:
echo "rXOxyZounnZasA8Z7oaD3c14JdjS9aKSWvsR1EbUSIQ" | spysecli reverse-google-site-verification
# Examples of valid input lines:
rXOxyZounnZasA8Z7oaD3c14JdjS9aKSWvsR1EbUSIQFind all websites mentioning the same email address on the homepage
# Command example:
echo "test@domain.com" | spysecli reverse-email
# Examples of valid input lines:
test@domain.comGather historical records
Get historical DNS A records
# Command example:
echo "google.com" | spysecli history-dns-a
# Examples of valid input lines:
domain.comGet historical DNS AAAA records
# Command example:
echo "google.com" | spysecli history-dns-aaaa
# Examples of valid input lines:
domain.comGet historical DNS CNAME records
# Command example:
echo "google.com" | spysecli history-dns-cname
# Examples of valid input lines:
domain.comGet historical DNS TXT records
# Command example:
echo "google.com" | spysecli history-dns-txt
# Examples of valid input lines:
domain.comGet historical DNS MX records
# Command example:
echo "google.com" | spysecli history-dns-mx
# Examples of valid input lines:
domain.comGet historical DNS NS records
# Command example:
echo "google.com" | spysecli history-dns-ns
# Examples of valid input lines:
domain.comGet historical DNS WHOIS records
# Command example:
echo "google.com" | spysecli history-whois
# Examples of valid input lines:
domain.comReturns a list of domains that matched the search query.
Use API docs and Spyse Advanced Search to craft your own request.
# Command example:
echo '{"search_params":[{"name":{"operator":"ends","value":".spyse.com"}}]}' | spysecli search-domainsReturns a list of IPv4 hosts that matched the search query.
Use API docs and Spyse Advanced Search to craft your own request.
# Command example:
echo '{"search_params":[{"open_port":{"operator":"eq","value":"22"}}]}' | spysecli search-ip